General

  • Target

    123.exe

  • Size

    218KB

  • Sample

    230823-s1l1waeg7z

  • MD5

    06122ab780f95516e52eeadcc5384f64

  • SHA1

    c54c8d31b77deefb6a4e03ecec613b75f75c20ab

  • SHA256

    337900815fcd44fdafedea82ebebec9454e3eb789d63072add59f812a5983604

  • SHA512

    ba9b24857875c751ba05a1139b689ab294ab4f41d03ca871be5648d03da577170be22e6383c42662da4ded515c063418ed82aa955b0c20cba257639143b70dc6

  • SSDEEP

    3072:gUwEMgkp2ikbL7fUhRiq9GrhvQWZoa+XGOT4w8Y08i3a5kbKS3CmJo:gUnMgVbs25rVwDAaibKqCe

Malware Config

Extracted

Family

sodinokibi

Botnet

$2a$12$ZRbGt.TkbFIxsHETy/DgxeuGjWaLzaHrccVKRVs0/EwpW1qFY0WHi

Campaign

8249

Decoy

izzi360.com

devstyle.org

ziegler-praezisionsteile.de

rumahminangberdaya.com

justinvieira.com

edv-live.de

smithmediastrategies.com

innote.fi

waynela.com

precisionbevel.com

sanyue119.com

hexcreatives.co

xltyu.com

slimidealherbal.com

naturalrapids.com

edelman.jp

bildungsunderlebnis.haus

verbisonline.com

asteriag.com

2ekeus.nl

Attributes

  • net

    true

  • pid

    $2a$12$ZRbGt.TkbFIxsHETy/DgxeuGjWaLzaHrccVKRVs0/EwpW1qFY0WHi

  • prc

    dbsnmp

    mydesktopservice

    thunderbird

    ocautoupds

    excel

    encsvc

    ocssd

    steam

    winword

    sql

    visio

    outlook

    agntsvc

    oracle

    ocomm

    msaccess

    onenote

    wordpad

    powerpnt

    tbirdconfig

    infopath

    dbeng50

    thebat

    sqbcoreservice

    firefox

    xfssvccon

    isqlplussvc

    mspub

    mydesktopqos

    synctime

  • ransom_oneliner

    All of your files are encrypted! Find {EXT}-readme.txt and follow instuctions

  • ransom_template

    ---=== Welcome. Again. ===---
    [+] Whats Happen? [+]
    Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}. By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER). Also we downloaded whole file server and make Sage backup, that means leak includes: -Detailed engineering diagrams; -Finance reports (Payrolls, incomes, budget and so on); -NDA with customers and subcontractors; -Employee information; -Other things; In case of your silence we will publish it in our "Happy blog"
    [+] What guarantees? [+]
    Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests. To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee. If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
    [+] How to get access on website? [+]
    You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID} 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/{UID} Warning: secondary website can be blocked, thats why first variant much better and more available.
    When you open our website, put the following data in the input form: Key: {KEY}
    -----------------------------------------------------------------------------------------
    !!! DANGER !!! DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data. !!! !!! !!!
    ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere. !!! !!! !!!

  • sub

    8249

  • svc

    sql

    memtas

    backup

    svc$

    veeam

    sophos

    vss

    mepocs
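The prc and svc lists above are the strings this sample compares against running process and service names before encryption starts, so that database, mail and backup files are not held open. The Python below is an added example, not code from the sandbox report or from the malware: it replays that comparison over a constructed host inventory. The inventory and the match semantics (case-insensitive substring, so "sql" hits MSSQLSERVER and sqlservr.exe alike) are assumptions of this example.

```python
"""Replay the Sodinokibi prc/svc kill lists against a constructed host inventory.

Added example, not code from the sandbox report or from the malware. Assumed
semantics: each list entry is matched as a case-insensitive substring of the
process image name or the service name.
"""

# Extracted config values, copied from the report above.
PRC = [
    "dbsnmp", "mydesktopservice", "thunderbird", "ocautoupds", "excel", "encsvc",
    "ocssd", "steam", "winword", "sql", "visio", "outlook", "agntsvc", "oracle",
    "ocomm", "msaccess", "onenote", "wordpad", "powerpnt", "tbirdconfig",
    "infopath", "dbeng50", "thebat", "sqbcoreservice", "firefox", "xfssvccon",
    "isqlplussvc", "mspub", "mydesktopqos", "synctime",
]
SVC = ["sql", "memtas", "backup", "svc$", "veeam", "sophos", "vss", "mepocs"]

# Constructed inventory of a small file/database server (not from the report).
HOST_PROCESSES = [
    "sqlservr.exe", "outlook.exe", "explorer.exe", "excel.exe",
    "svchost.exe", "thunderbird.exe", "lsass.exe",
]
HOST_SERVICES = [
    "MSSQLSERVER", "VeeamBackupSvc", "VSS", "Spooler",
    "MemtasSvc", "SophosAgent", "wuauserv",
]


def matching_entries(name: str, needles: list[str]) -> list[str]:
    """Return every list entry that occurs, case-insensitively, inside name."""
    lowered = name.lower()
    return [n for n in needles if n.lower() in lowered]


def processes_killed(processes, prc=PRC):
    """Map each process the prc list would terminate to the entries that hit it."""
    hits = {p: matching_entries(p, prc) for p in processes}
    return {p: m for p, m in hits.items() if m}


def services_stopped(services, svc=SVC):
    """Map each service the svc list would stop to the entries that hit it."""
    hits = {s: matching_entries(s, svc) for s in services}
    return {s: m for s, m in hits.items() if m}


if __name__ == "__main__":
    for proc, why in processes_killed(HOST_PROCESSES).items():
        print(f"kill  {proc:<24} matched {why}")
    for svc, why in services_stopped(HOST_SERVICES).items():
        print(f"stop  {svc:<24} matched {why}")
```

On a live host the same step shows up as a burst of service-stop events (System log event 7036, "entered the stopped state") and process terminations for the names above, immediately before files start being renamed with the new extension. That burst is the last point at which the run can still be interrupted, which is why the svc list (backup, veeam, vss, sophos) is the part of the config worth turning into a detection.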

Extracted

Path

C:\Users\2kf1dk1-readme.txt

Family

sodinokibi

Ransom Note
---=== Welcome. Again. ===--- [+] Whats Happen? [+] Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 2kf1dk1. By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER). Also we downloaded whole file server and make Sage backup, that means leak includes: -Detailed engineering diagrams; -Finance reports (Payrolls, incomes, budget and so on); -NDA with customers and subcontractors; -Employee information; -Other things; In case of your silence we will publish it in our "Happy blog" [+] What guarantees? [+] Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests. To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee. If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money. [+] How to get access on website? [+] You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/7E7B8EB63478F193 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/7E7B8EB63478F193 Warning: secondary website can be blocked, thats why first variant much better and more available. 
When you open our website, put the following data in the input form: Key: T71TjuTzL+KtZ0aQXqfwhHGrlCDVums1392wX3+YksoEPX416aKHNEi3rUztg/7d mU5ipNUZOWUB/M9n5kO1FXCORTg6PhZll9PM8JJm6tY3u5z4hWMUse3p5i+Lb8KP 3+mfykwfwItywzQbvhRb34ok49KSnVv8kKWU/YZSY83FLUV3aqi57gd3hKL68mnt +Q3ugRCcP1WWIOy7G7xYjLC4XCIAreQiVm9iKzuz7h9kxuh+yUJIeHfniVTH9ntH gfMWrM3l2eGZTebT6kykgEAZyK55X6LEIq5N5zKHJKlQUCTt5YIkXZIYtIXescHY Usf0cEH9VJM0YetU4pbqlcoMc4dJE5JO9wttzpSpNal/+Dci6YiATN71OOO3/fDZ fsN8GW64nVzQJ5Np8vSQnLXRCexN5qwZF0s53B1cCLAqO5rTb5vh5KbaGQu/7UNs V1AWFh2kBDcs/FC00R35+w5yiP4hj1jQ+2jEjighcvPIWPzYUvPQdEALdWVlDMfk mnvH8Q7eYqZbF2V91/mUaDUgHOmtCR/jj7o7NxjKP1t+N8+ziRlxZUJfe0qeLzOK AzYcefg17IKZLtYHlOasNLXydOk5hM1bTmlhf7ki2pa5MOgqJbx467sbc026F15p QE8e4U2VXsSbD6rmk09pX1i97AkhiKWfxZtnkKU/QquI55fObdc4x+aqkPO+qDoP f3lks7ce7CYM9yp3UBUiKIq2cJcHiiqnap6Kgrc/iZZuvXaS4CMlWno0mi6Zbdkm 6OOkXqBVvFCZr6I/lNb/T3izb2t64/1edgeOrYNGwrsgRElt/2j2jObRajV/4ieg hfVP5g4GOX24TMb7y7IaC6izFV/cIsQ44VuAmWJ2KtPZ3yY55aNmVeaMmxvQWiaY 9zr1gwt7nF0Ie61MhNSa2v+BpG0HZwY+H8YqCZaQLLgZxDg3ua3V26Hk24sKi874 Pm0l+L0ivQDvI+eCySAaLPGZ9posSwqVtUjNSbJtLSXCVohB6pCMGvM/P6OTzGeB yLZuxnrc0Yy2xtN3Z3SO7fzRGtgxtDX1ZYC0WKf1qMDw2TXrzfJbksBzZE7iHN6m ZQfLom/Cl7PoZMJo+xofeDUtsx5tFNko+mo91vvxyhFh/LXBenTkOZbehwrpuSYV haJ8198txIYBcouQxLFbSlkv2leFw1fJ09VS0fZxiHVTYyS1ZTCzIMQ4WIkWL9Ax ofAfODRxjoR7dEScjMbdsuFi866MKVz3nw7AKlUDptF5wx5Oy4xdKT76i2GQ/ubp G+wouzwhPqtdPIo3SWv/LL9wZ0WywpykUTEMRlsECx1mr7tGJS1Es9YOh7SBt2VB PJKrC9Gwv4XzEVJ5v+/ret19CjC6Rf71 ----------------------------------------------------------------------------------------- !!! DANGER !!! DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data. !!! !!! !!! ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere. !!! !!! !!!
URLs

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/7E7B8EB63478F193

http://decoder.re/7E7B8EB63478F193

Extracted

Path

C:\Recovery\939p4pjc-readme.txt

Family

sodinokibi

Ransom Note
---=== Welcome. Again. ===--- [+] Whats Happen? [+] Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 939p4pjc. By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER). Also we downloaded whole file server and make Sage backup, that means leak includes: -Detailed engineering diagrams; -Finance reports (Payrolls, incomes, budget and so on); -NDA with customers and subcontractors; -Employee information; -Other things; In case of your silence we will publish it in our "Happy blog" [+] What guarantees? [+] Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests. To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee. If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money. [+] How to get access on website? [+] You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/41205AACA49B26FF 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/41205AACA49B26FF Warning: secondary website can be blocked, thats why first variant much better and more available. 
When you open our website, put the following data in the input form: Key: O02CegGAbdOsK8NthHwzSTQN+yh56dn1E0FmFJc9m3TiWyyUb3G+OAM0vGN332R/ pdF/hkQG6ClYC7iVKb4lBhcBGV7B7zSzShh7Xb6L8G+5p4Mrsl1cXgOwr0dri41t q45afFEJtfuLw0fKTe4etS20UJBX7ZhDOLEddpwN+O3yOiQoM7Qd0WFCrAFQLccR tcVCdtV4gmNaBFm6hv6UQV3WPkp47CSb+MdPc565SOGROAwxIEnytWO6kHGPhccw oLYvhxR40DbzMHOHDfYJHj+WxEC9rV20j9TKBmHDwYQypxKa8AFX1Sj2TPQi/3xr z1BGoETMUgLqL6Kwjc/XEmxodJ16D5+u0dJG2ZRIuP9ShNyB1cawNP/q4ls8omF/ JzDUpPurdi51wtn+p/Wgn5VS4GT8znRzFnet/4fI5Orc8TDXipHvZYibqlNrYWl4 +uySdYy0349M0d+dHKHJgY7v8XRuPfAPMMUtfSbM9ZukLtRHD9wnxbSpha0floNh auTFsyOTsawMgaFXgZK8TzXyCrijB8BCnSVwlAvLO/m3hNmG4EftE92LU7ZnBjiA zRZTLjm7dCrpE1lDdPCTFSNpaTy7dlZIowupSDGAhQF7udtpNLY5KYTzEvy4B0WT Td5zwSNzfPCfFPNSvJxxou4B+NOoe1wMpvTnZwOWXougFpKDvH9T1mT9xYJCxjLo pyaJPoBrQCpcQ9Ttt54W61rUcwKxJA6Vcwqqt7iv3aaMNQM3AnS6HP8eFJ3CbPUD D3aJT+LrX20RrY3KfMdxarTXt66o0503lcqv0lxL592y/bJbXPYWqyHaAiPTss4l KXAWEOmH0dqBZ3bqNSLH9Ky37oakMq3taTCjMQ2gPZzDub2SQbXq1B/RmvFUVWNI LYS33zpgdX5aY2kM/hMCCxCD4OCsHksUkLC3gpM/NlrecMobFT/+T9bRrHG1JZdM UX267hOgqmm5HXuL8XpNoNMGTVoWcq1L/UpdNxBuL8hQbGjaDYRrVZkzWbrumZeq 9Hook72s8hTy3CHCu1zuPHUI2IeYk87TmwYNZNqIvNSUpcUqr9/2QF612fzmkv2E BEMmiHgKHOnCx8pz2gEGdxa+X2aJwjVJss8YLBZYJ5jvdcLuMX5z7DBMcYIhHREy 7I80mtVVPiNWsM2cpUTo5ZVc0vAABeeKd0StEjaJDRn1QW8oRvLXmLz2YoUfFTeD MwF8b7nKPQcuS2iqXzPMJNBqUCnBo5KUzmlanbiB/g5L/R5fsmb8KWT5ftAojpPH BWo6vYqNXokMH+hLpj0p6o5WIV0QuiwlQiQXy/g+n6q4CP9CT2h4sFAxEHI9tpWn dYk3MBIF6D6S4XhDVg8HWHXZrLQewZpLsAKi05plyNQ= ----------------------------------------------------------------------------------------- !!! DANGER !!! DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data. !!! !!! !!! ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere. !!! !!! !!!
URLs

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/41205AACA49B26FF

http://decoder.re/41205AACA49B26FF
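Each dropped note carries the run's file extension, a victim ID that appears in both portal URLs, and a base64 key blob the victim is told to paste into the portal. The Python below is an added example, not code from the report: it pulls those fields out of a note for an incident record, checks that the two URLs name the same victim ID, and checks that the dropped file follows the {EXT}-readme.txt naming from ransom_oneliner. The note embedded in the code is constructed from the template above using the first note's extension and ID; its middle is elided and the key is truncated to its first 64 base64 characters.

```python
"""Extract the incident-record fields from a dropped Sodinokibi readme note.

Added example, not code from the sandbox report. SAMPLE_NOTE is constructed
from the report's ransom_template with the first note's EXT and UID; the
middle of the text is elided ("[...]") and the key blob is truncated to its
first 64 base64 characters so the example stays short.
"""
import base64
import re
from pathlib import PureWindowsPath

SAMPLE_NOTE = (
    "---=== Welcome. Again. ===--- [+] Whats Happen? [+] Your files are encrypted, "
    "and currently unavailable. You can check it: all files on your system has "
    "extension 2kf1dk1. By the way, everything is possible to recover (restore), "
    "but you need to follow our instructions. [...] b) Open our website: "
    "http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/7E7B8EB63478F193 "
    "2) If TOR blocked in your country, try to use VPN! [...] b) Open our secondary "
    "website: http://decoder.re/7E7B8EB63478F193 Warning: secondary website can be "
    "blocked [...] put the following data in the input form: "
    "Key: T71TjuTzL+KtZ0aQXqfwhHGrlCDVums1 392wX3+YksoEPX416aKHNEi3rUztg/7d "
    "----------------------------------------------------------------------------------------- "
    "!!! DANGER !!! DON'T try to change files by yourself [...]"
)

EXT_RE = re.compile(r"has extension ([A-Za-z0-9]+)")
ONION_RE = re.compile(r"(http://[a-z2-7]{56}\.onion/([0-9A-F]+))")
CLEARNET_RE = re.compile(r"(http://decoder\.re/([0-9A-F]+))")
# The key is line-wrapped in real notes, so the captured blob may contain whitespace.
KEY_RE = re.compile(r"Key:\s*(.+?)\s*-{10,}", re.DOTALL)


def parse_note(text: str) -> dict:
    """Return ext, victim ID, both portal URLs, the key blob and its decoded length."""
    ext = EXT_RE.search(text)
    onion = ONION_RE.search(text)
    key = KEY_RE.search(text)
    if not (ext and onion and key):
        raise ValueError("text does not look like a Sodinokibi note")
    clearnet = CLEARNET_RE.search(text)
    uids = {onion.group(2)}
    if clearnet:
        uids.add(clearnet.group(2))
    if len(uids) != 1:
        raise ValueError(f"victim ID differs between portal URLs: {sorted(uids)}")
    key_b64 = re.sub(r"\s+", "", key.group(1))
    key_bytes = base64.b64decode(key_b64, validate=True)  # raises on a corrupt blob
    return {
        "ext": ext.group(1),
        "uid": onion.group(2),
        "onion": onion.group(1),
        "clearnet": clearnet.group(1) if clearnet else None,
        "key_b64": key_b64,
        "key_len": len(key_bytes),
    }


def note_path_matches(path: str, ext: str) -> bool:
    """True when the dropped file is named {EXT}-readme.txt for this run's ext."""
    return PureWindowsPath(path).name.lower() == f"{ext}-readme.txt".lower()


if __name__ == "__main__":
    info = parse_note(SAMPLE_NOTE)
    print(info["ext"], info["uid"], info["key_len"], "bytes of key")
    print(note_path_matches(r"C:\Users\2kf1dk1-readme.txt", info["ext"]))
```

The page's second note (extension 939p4pjc, ID 41205AACA49B26FF) parses the same way. Since one submission produced two different extension/ID pairs, both values should be recorded as per-execution indicators rather than per-sample ones; the onion and decoder.re hostnames are the part that stays constant across runs.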

Targets

    • Target

      123.exe

    • Size

      218KB

    • MD5

      06122ab780f95516e52eeadcc5384f64

    • SHA1

      c54c8d31b77deefb6a4e03ecec613b75f75c20ab

    • SHA256

      337900815fcd44fdafedea82ebebec9454e3eb789d63072add59f812a5983604

    • SHA512

      ba9b24857875c751ba05a1139b689ab294ab4f41d03ca871be5648d03da577170be22e6383c42662da4ded515c063418ed82aa955b0c20cba257639143b70dc6

    • SSDEEP

      3072:gUwEMgkp2ikbL7fUhRiq9GrhvQWZoa+XGOT4w8Y08i3a5kbKS3CmJo:gUnMgVbs25rVwDAaibKqCe

    • Sodin,Sodinokibi,REvil

      Ransomware with advanced anti-analysis and privilege escalation functionality.

    • Modifies Windows Firewall

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks